<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en_US" lang="en_US">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>JdkSslServerContext xref</title>
<link type="text/css" rel="stylesheet" href="../../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../../api/org/jboss/netty/handler/ssl/JdkSslServerContext.html">View Javadoc</a></div><pre>

<a class="jxr_linenumber" name="1" href="#1">1</a>   <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="2" href="#2">2</a>   <em class="jxr_comment"> * Copyright 2014 The Netty Project</em>
<a class="jxr_linenumber" name="3" href="#3">3</a>   <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="4" href="#4">4</a>   <em class="jxr_comment"> * The Netty Project licenses this file to you under the Apache License,</em>
<a class="jxr_linenumber" name="5" href="#5">5</a>   <em class="jxr_comment"> * version 2.0 (the "License"); you may not use this file except in compliance</em>
<a class="jxr_linenumber" name="6" href="#6">6</a>   <em class="jxr_comment"> * with the License. You may obtain a copy of the License at:</em>
<a class="jxr_linenumber" name="7" href="#7">7</a>   <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="8" href="#8">8</a>   <em class="jxr_comment"> *   <a href="http://www.apache.org/licenses/LICENSE-2.0" target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.0</a></em>
<a class="jxr_linenumber" name="9" href="#9">9</a>   <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="10" href="#10">10</a>  <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing, software</em>
<a class="jxr_linenumber" name="11" href="#11">11</a>  <em class="jxr_comment"> * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT</em>
<a class="jxr_linenumber" name="12" href="#12">12</a>  <em class="jxr_comment"> * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the</em>
<a class="jxr_linenumber" name="13" href="#13">13</a>  <em class="jxr_comment"> * License for the specific language governing permissions and limitations</em>
<a class="jxr_linenumber" name="14" href="#14">14</a>  <em class="jxr_comment"> * under the License.</em>
<a class="jxr_linenumber" name="15" href="#15">15</a>  <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="16" href="#16">16</a>  
<a class="jxr_linenumber" name="17" href="#17">17</a>  <strong class="jxr_keyword">package</strong> org.jboss.netty.handler.ssl;
<a class="jxr_linenumber" name="18" href="#18">18</a>  
<a class="jxr_linenumber" name="19" href="#19">19</a>  <strong class="jxr_keyword">import</strong> org.jboss.netty.buffer.ChannelBuffer;
<a class="jxr_linenumber" name="20" href="#20">20</a>  <strong class="jxr_keyword">import</strong> org.jboss.netty.buffer.ChannelBufferInputStream;
<a class="jxr_linenumber" name="21" href="#21">21</a>  
<a class="jxr_linenumber" name="22" href="#22">22</a>  <strong class="jxr_keyword">import</strong> javax.crypto.Cipher;
<a class="jxr_linenumber" name="23" href="#23">23</a>  <strong class="jxr_keyword">import</strong> javax.crypto.EncryptedPrivateKeyInfo;
<a class="jxr_linenumber" name="24" href="#24">24</a>  <strong class="jxr_keyword">import</strong> javax.crypto.NoSuchPaddingException;
<a class="jxr_linenumber" name="25" href="#25">25</a>  <strong class="jxr_keyword">import</strong> javax.crypto.SecretKey;
<a class="jxr_linenumber" name="26" href="#26">26</a>  <strong class="jxr_keyword">import</strong> javax.crypto.SecretKeyFactory;
<a class="jxr_linenumber" name="27" href="#27">27</a>  <strong class="jxr_keyword">import</strong> javax.crypto.spec.PBEKeySpec;
<a class="jxr_linenumber" name="28" href="#28">28</a>  <strong class="jxr_keyword">import</strong> javax.net.ssl.KeyManagerFactory;
<a class="jxr_linenumber" name="29" href="#29">29</a>  <strong class="jxr_keyword">import</strong> javax.net.ssl.SSLContext;
<a class="jxr_linenumber" name="30" href="#30">30</a>  <strong class="jxr_keyword">import</strong> javax.net.ssl.SSLException;
<a class="jxr_linenumber" name="31" href="#31">31</a>  <strong class="jxr_keyword">import</strong> javax.net.ssl.SSLSessionContext;
<a class="jxr_linenumber" name="32" href="#32">32</a>  <strong class="jxr_keyword">import</strong> java.io.File;
<a class="jxr_linenumber" name="33" href="#33">33</a>  <strong class="jxr_keyword">import</strong> java.io.IOException;
<a class="jxr_linenumber" name="34" href="#34">34</a>  <strong class="jxr_keyword">import</strong> java.security.InvalidAlgorithmParameterException;
<a class="jxr_linenumber" name="35" href="#35">35</a>  <strong class="jxr_keyword">import</strong> java.security.InvalidKeyException;
<a class="jxr_linenumber" name="36" href="#36">36</a>  <strong class="jxr_keyword">import</strong> java.security.KeyFactory;
<a class="jxr_linenumber" name="37" href="#37">37</a>  <strong class="jxr_keyword">import</strong> java.security.KeyStore;
<a class="jxr_linenumber" name="38" href="#38">38</a>  <strong class="jxr_keyword">import</strong> java.security.NoSuchAlgorithmException;
<a class="jxr_linenumber" name="39" href="#39">39</a>  <strong class="jxr_keyword">import</strong> java.security.PrivateKey;
<a class="jxr_linenumber" name="40" href="#40">40</a>  <strong class="jxr_keyword">import</strong> java.security.Security;
<a class="jxr_linenumber" name="41" href="#41">41</a>  <strong class="jxr_keyword">import</strong> java.security.cert.Certificate;
<a class="jxr_linenumber" name="42" href="#42">42</a>  <strong class="jxr_keyword">import</strong> java.security.cert.CertificateFactory;
<a class="jxr_linenumber" name="43" href="#43">43</a>  <strong class="jxr_keyword">import</strong> java.security.spec.InvalidKeySpecException;
<a class="jxr_linenumber" name="44" href="#44">44</a>  <strong class="jxr_keyword">import</strong> java.security.spec.PKCS8EncodedKeySpec;
<a class="jxr_linenumber" name="45" href="#45">45</a>  <strong class="jxr_keyword">import</strong> java.util.ArrayList;
<a class="jxr_linenumber" name="46" href="#46">46</a>  <strong class="jxr_keyword">import</strong> java.util.Collections;
<a class="jxr_linenumber" name="47" href="#47">47</a>  <strong class="jxr_keyword">import</strong> java.util.List;
<a class="jxr_linenumber" name="48" href="#48">48</a>  
<a class="jxr_linenumber" name="49" href="#49">49</a>  <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="50" href="#50">50</a>  <em class="jxr_javadoccomment"> * A server-side {@link SslContext} which uses JDK's SSL/TLS implementation.</em>
<a class="jxr_linenumber" name="51" href="#51">51</a>  <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="52" href="#52">52</a>  <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">class</strong> <a href="../../../../../org/jboss/netty/handler/ssl/JdkSslServerContext.html">JdkSslServerContext</a> <strong class="jxr_keyword">extends</strong> <a href="../../../../../org/jboss/netty/handler/ssl/JdkSslContext.html">JdkSslContext</a> {
<a class="jxr_linenumber" name="53" href="#53">53</a>  
<a class="jxr_linenumber" name="54" href="#54">54</a>      <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">final</strong> SSLContext ctx;
<a class="jxr_linenumber" name="55" href="#55">55</a>      <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">final</strong> List&lt;String&gt; nextProtocols;
<a class="jxr_linenumber" name="56" href="#56">56</a>  
<a class="jxr_linenumber" name="57" href="#57">57</a>      <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="58" href="#58">58</a>  <em class="jxr_javadoccomment">     * Creates a new instance.</em>
<a class="jxr_linenumber" name="59" href="#59">59</a>  <em class="jxr_javadoccomment">     *</em>
<a class="jxr_linenumber" name="60" href="#60">60</a>  <em class="jxr_javadoccomment">     * @param certChainFile an X.509 certificate chain file in PEM format</em>
<a class="jxr_linenumber" name="61" href="#61">61</a>  <em class="jxr_javadoccomment">     * @param keyFile a PKCS#8 private key file in PEM format</em>
<a class="jxr_linenumber" name="62" href="#62">62</a>  <em class="jxr_javadoccomment">     */</em>
<a class="jxr_linenumber" name="63" href="#63">63</a>      <strong class="jxr_keyword">public</strong> <a href="../../../../../org/jboss/netty/handler/ssl/JdkSslServerContext.html">JdkSslServerContext</a>(File certChainFile, File keyFile) <strong class="jxr_keyword">throws</strong> SSLException {
<a class="jxr_linenumber" name="64" href="#64">64</a>          <strong class="jxr_keyword">this</strong>(certChainFile, keyFile, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="65" href="#65">65</a>      }
<a class="jxr_linenumber" name="66" href="#66">66</a>  
<a class="jxr_linenumber" name="67" href="#67">67</a>      <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="68" href="#68">68</a>  <em class="jxr_javadoccomment">     * Creates a new instance.</em>
<a class="jxr_linenumber" name="69" href="#69">69</a>  <em class="jxr_javadoccomment">     *</em>
<a class="jxr_linenumber" name="70" href="#70">70</a>  <em class="jxr_javadoccomment">     * @param certChainFile an X.509 certificate chain file in PEM format</em>
<a class="jxr_linenumber" name="71" href="#71">71</a>  <em class="jxr_javadoccomment">     * @param keyFile a PKCS#8 private key file in PEM format</em>
<a class="jxr_linenumber" name="72" href="#72">72</a>  <em class="jxr_javadoccomment">     * @param keyPassword the password of the {@code keyFile}.</em>
<a class="jxr_linenumber" name="73" href="#73">73</a>  <em class="jxr_javadoccomment">     *                    {@code null} if it's not password-protected.</em>
<a class="jxr_linenumber" name="74" href="#74">74</a>  <em class="jxr_javadoccomment">     */</em>
<a class="jxr_linenumber" name="75" href="#75">75</a>      <strong class="jxr_keyword">public</strong> <a href="../../../../../org/jboss/netty/handler/ssl/JdkSslServerContext.html">JdkSslServerContext</a>(File certChainFile, File keyFile, String keyPassword) <strong class="jxr_keyword">throws</strong> SSLException {
<a class="jxr_linenumber" name="76" href="#76">76</a>          <strong class="jxr_keyword">this</strong>(<strong class="jxr_keyword">null</strong>, certChainFile, keyFile, keyPassword, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, 0, 0);
<a class="jxr_linenumber" name="77" href="#77">77</a>      }
<a class="jxr_linenumber" name="78" href="#78">78</a>  
<a class="jxr_linenumber" name="79" href="#79">79</a>      <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="80" href="#80">80</a>  <em class="jxr_javadoccomment">     * Creates a new instance.</em>
<a class="jxr_linenumber" name="81" href="#81">81</a>  <em class="jxr_javadoccomment">     *</em>
<a class="jxr_linenumber" name="82" href="#82">82</a>  <em class="jxr_javadoccomment">     * @param bufPool the buffer pool which will be used by this context.</em>
<a class="jxr_linenumber" name="83" href="#83">83</a>  <em class="jxr_javadoccomment">     *                {@code null} to use the default buffer pool.</em>
<a class="jxr_linenumber" name="84" href="#84">84</a>  <em class="jxr_javadoccomment">     * @param certChainFile an X.509 certificate chain file in PEM format</em>
<a class="jxr_linenumber" name="85" href="#85">85</a>  <em class="jxr_javadoccomment">     * @param keyFile a PKCS#8 private key file in PEM format</em>
<a class="jxr_linenumber" name="86" href="#86">86</a>  <em class="jxr_javadoccomment">     * @param keyPassword the password of the {@code keyFile}.</em>
<a class="jxr_linenumber" name="87" href="#87">87</a>  <em class="jxr_javadoccomment">     *                    {@code null} if it's not password-protected.</em>
<a class="jxr_linenumber" name="88" href="#88">88</a>  <em class="jxr_javadoccomment">     * @param ciphers the cipher suites to enable, in the order of preference.</em>
<a class="jxr_linenumber" name="89" href="#89">89</a>  <em class="jxr_javadoccomment">     *                {@code null} to use the default cipher suites.</em>
<a class="jxr_linenumber" name="90" href="#90">90</a>  <em class="jxr_javadoccomment">     * @param nextProtocols the application layer protocols to accept, in the order of preference.</em>
<a class="jxr_linenumber" name="91" href="#91">91</a>  <em class="jxr_javadoccomment">     *                      {@code null} to disable TLS NPN/ALPN extension.</em>
<a class="jxr_linenumber" name="92" href="#92">92</a>  <em class="jxr_javadoccomment">     * @param sessionCacheSize the size of the cache used for storing SSL session objects.</em>
<a class="jxr_linenumber" name="93" href="#93">93</a>  <em class="jxr_javadoccomment">     *                         {@code 0} to use the default value.</em>
<a class="jxr_linenumber" name="94" href="#94">94</a>  <em class="jxr_javadoccomment">     * @param sessionTimeout the timeout for the cached SSL session objects, in seconds.</em>
<a class="jxr_linenumber" name="95" href="#95">95</a>  <em class="jxr_javadoccomment">     *                       {@code 0} to use the default value.</em>
<a class="jxr_linenumber" name="96" href="#96">96</a>  <em class="jxr_javadoccomment">     */</em>
<a class="jxr_linenumber" name="97" href="#97">97</a>      <strong class="jxr_keyword">public</strong> <a href="../../../../../org/jboss/netty/handler/ssl/JdkSslServerContext.html">JdkSslServerContext</a>(
<a class="jxr_linenumber" name="98" href="#98">98</a>              <a href="../../../../../org/jboss/netty/handler/ssl/SslBufferPool.html">SslBufferPool</a> bufPool,
<a class="jxr_linenumber" name="99" href="#99">99</a>              File certChainFile, File keyFile, String keyPassword,
<a class="jxr_linenumber" name="100" href="#100">100</a>             Iterable&lt;String&gt; ciphers, Iterable&lt;String&gt; nextProtocols,
<a class="jxr_linenumber" name="101" href="#101">101</a>             <strong class="jxr_keyword">long</strong> sessionCacheSize, <strong class="jxr_keyword">long</strong> sessionTimeout) <strong class="jxr_keyword">throws</strong> SSLException {
<a class="jxr_linenumber" name="102" href="#102">102</a> 
<a class="jxr_linenumber" name="103" href="#103">103</a>         <strong class="jxr_keyword">super</strong>(bufPool, ciphers);
<a class="jxr_linenumber" name="104" href="#104">104</a> 
<a class="jxr_linenumber" name="105" href="#105">105</a>         <strong class="jxr_keyword">if</strong> (certChainFile == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="106" href="#106">106</a>             <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> NullPointerException(<span class="jxr_string">"certChainFile"</span>);
<a class="jxr_linenumber" name="107" href="#107">107</a>         }
<a class="jxr_linenumber" name="108" href="#108">108</a>         <strong class="jxr_keyword">if</strong> (keyFile == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="109" href="#109">109</a>             <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> NullPointerException(<span class="jxr_string">"keyFile"</span>);
<a class="jxr_linenumber" name="110" href="#110">110</a>         }
<a class="jxr_linenumber" name="111" href="#111">111</a> 
<a class="jxr_linenumber" name="112" href="#112">112</a>         <strong class="jxr_keyword">if</strong> (keyPassword == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="113" href="#113">113</a>             keyPassword = <span class="jxr_string">""</span>;
<a class="jxr_linenumber" name="114" href="#114">114</a>         }
<a class="jxr_linenumber" name="115" href="#115">115</a> 
<a class="jxr_linenumber" name="116" href="#116">116</a>         <strong class="jxr_keyword">if</strong> (nextProtocols != <strong class="jxr_keyword">null</strong> &amp;&amp; nextProtocols.iterator().hasNext()) {
<a class="jxr_linenumber" name="117" href="#117">117</a>             <strong class="jxr_keyword">if</strong> (!JettyNpnSslEngine.isAvailable()) {
<a class="jxr_linenumber" name="118" href="#118">118</a>                 <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> SSLException(<span class="jxr_string">"NPN/ALPN unsupported: "</span> + nextProtocols);
<a class="jxr_linenumber" name="119" href="#119">119</a>             }
<a class="jxr_linenumber" name="120" href="#120">120</a> 
<a class="jxr_linenumber" name="121" href="#121">121</a>             List&lt;String&gt; list = <strong class="jxr_keyword">new</strong> ArrayList&lt;String&gt;();
<a class="jxr_linenumber" name="122" href="#122">122</a>             <strong class="jxr_keyword">for</strong> (String p: nextProtocols) {
<a class="jxr_linenumber" name="123" href="#123">123</a>                 <strong class="jxr_keyword">if</strong> (p == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="124" href="#124">124</a>                     <strong class="jxr_keyword">break</strong>;
<a class="jxr_linenumber" name="125" href="#125">125</a>                 }
<a class="jxr_linenumber" name="126" href="#126">126</a>                 list.add(p);
<a class="jxr_linenumber" name="127" href="#127">127</a>             }
<a class="jxr_linenumber" name="128" href="#128">128</a> 
<a class="jxr_linenumber" name="129" href="#129">129</a>             <strong class="jxr_keyword">this</strong>.nextProtocols = Collections.unmodifiableList(list);
<a class="jxr_linenumber" name="130" href="#130">130</a>         } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="131" href="#131">131</a>             <strong class="jxr_keyword">this</strong>.nextProtocols = Collections.emptyList();
<a class="jxr_linenumber" name="132" href="#132">132</a>         }
<a class="jxr_linenumber" name="133" href="#133">133</a> 
<a class="jxr_linenumber" name="134" href="#134">134</a>         String algorithm = Security.getProperty(<span class="jxr_string">"ssl.KeyManagerFactory.algorithm"</span>);
<a class="jxr_linenumber" name="135" href="#135">135</a>         <strong class="jxr_keyword">if</strong> (algorithm == <strong class="jxr_keyword">null</strong>) {
<a class="jxr_linenumber" name="136" href="#136">136</a>             algorithm = <span class="jxr_string">"SunX509"</span>;
<a class="jxr_linenumber" name="137" href="#137">137</a>         }
<a class="jxr_linenumber" name="138" href="#138">138</a> 
<a class="jxr_linenumber" name="139" href="#139">139</a>         <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="140" href="#140">140</a>             KeyStore ks = KeyStore.getInstance(<span class="jxr_string">"JKS"</span>);
<a class="jxr_linenumber" name="141" href="#141">141</a>             ks.load(<strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="142" href="#142">142</a>             CertificateFactory cf = CertificateFactory.getInstance(<span class="jxr_string">"X.509"</span>);
<a class="jxr_linenumber" name="143" href="#143">143</a>             KeyFactory rsaKF = KeyFactory.getInstance(<span class="jxr_string">"RSA"</span>);
<a class="jxr_linenumber" name="144" href="#144">144</a>             KeyFactory dsaKF = KeyFactory.getInstance(<span class="jxr_string">"DSA"</span>);
<a class="jxr_linenumber" name="145" href="#145">145</a> 
<a class="jxr_linenumber" name="146" href="#146">146</a>             <a href="../../../../../org/jboss/netty/buffer/ChannelBuffer.html">ChannelBuffer</a> encodedKeyBuf = PemReader.readPrivateKey(keyFile);
<a class="jxr_linenumber" name="147" href="#147">147</a>             byte[] encodedKey = <strong class="jxr_keyword">new</strong> byte[encodedKeyBuf.readableBytes()];
<a class="jxr_linenumber" name="148" href="#148">148</a>             encodedKeyBuf.readBytes(encodedKey);
<a class="jxr_linenumber" name="149" href="#149">149</a> 
<a class="jxr_linenumber" name="150" href="#150">150</a>             <strong class="jxr_keyword">char</strong>[] keyPasswordChars = keyPassword.toCharArray();
<a class="jxr_linenumber" name="151" href="#151">151</a>             PKCS8EncodedKeySpec encodedKeySpec = generateKeySpec(keyPasswordChars, encodedKey);
<a class="jxr_linenumber" name="152" href="#152">152</a> 
<a class="jxr_linenumber" name="153" href="#153">153</a>             PrivateKey key;
<a class="jxr_linenumber" name="154" href="#154">154</a>             <strong class="jxr_keyword">try</strong> {
<a class="jxr_linenumber" name="155" href="#155">155</a>                 key = rsaKF.generatePrivate(encodedKeySpec);
<a class="jxr_linenumber" name="156" href="#156">156</a>             } <strong class="jxr_keyword">catch</strong> (InvalidKeySpecException ignore) {
<a class="jxr_linenumber" name="157" href="#157">157</a>                 key = dsaKF.generatePrivate(encodedKeySpec);
<a class="jxr_linenumber" name="158" href="#158">158</a>             }
<a class="jxr_linenumber" name="159" href="#159">159</a> 
<a class="jxr_linenumber" name="160" href="#160">160</a>             List&lt;Certificate&gt; certChain = <strong class="jxr_keyword">new</strong> ArrayList&lt;Certificate&gt;();
<a class="jxr_linenumber" name="161" href="#161">161</a>             <strong class="jxr_keyword">for</strong> (ChannelBuffer buf: PemReader.readCertificates(certChainFile)) {
<a class="jxr_linenumber" name="162" href="#162">162</a>                 certChain.add(cf.generateCertificate(<strong class="jxr_keyword">new</strong> <a href="../../../../../org/jboss/netty/buffer/ChannelBufferInputStream.html">ChannelBufferInputStream</a>(buf)));
<a class="jxr_linenumber" name="163" href="#163">163</a>             }
<a class="jxr_linenumber" name="164" href="#164">164</a> 
<a class="jxr_linenumber" name="165" href="#165">165</a>             ks.setKeyEntry(<span class="jxr_string">"key"</span>, key, keyPasswordChars, certChain.toArray(<strong class="jxr_keyword">new</strong> Certificate[certChain.size()]));
<a class="jxr_linenumber" name="166" href="#166">166</a> 
<a class="jxr_linenumber" name="167" href="#167">167</a>             <em class="jxr_comment">// Set up key manager factory to use our key store</em>
<a class="jxr_linenumber" name="168" href="#168">168</a>             KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
<a class="jxr_linenumber" name="169" href="#169">169</a>             kmf.init(ks, keyPasswordChars);
<a class="jxr_linenumber" name="170" href="#170">170</a> 
<a class="jxr_linenumber" name="171" href="#171">171</a>             <em class="jxr_comment">// Initialize the SSLContext to work with our key managers.</em>
<a class="jxr_linenumber" name="172" href="#172">172</a>             ctx = SSLContext.getInstance(PROTOCOL);
<a class="jxr_linenumber" name="173" href="#173">173</a>             ctx.init(kmf.getKeyManagers(), <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>);
<a class="jxr_linenumber" name="174" href="#174">174</a> 
<a class="jxr_linenumber" name="175" href="#175">175</a>             SSLSessionContext sessCtx = ctx.getServerSessionContext();
<a class="jxr_linenumber" name="176" href="#176">176</a>             <strong class="jxr_keyword">if</strong> (sessionCacheSize &gt; 0) {
<a class="jxr_linenumber" name="177" href="#177">177</a>                 sessCtx.setSessionCacheSize((<strong class="jxr_keyword">int</strong>) Math.min(sessionCacheSize, Integer.MAX_VALUE));
<a class="jxr_linenumber" name="178" href="#178">178</a>             }
<a class="jxr_linenumber" name="179" href="#179">179</a>             <strong class="jxr_keyword">if</strong> (sessionTimeout &gt; 0) {
<a class="jxr_linenumber" name="180" href="#180">180</a>                 sessCtx.setSessionTimeout((<strong class="jxr_keyword">int</strong>) Math.min(sessionTimeout, Integer.MAX_VALUE));
<a class="jxr_linenumber" name="181" href="#181">181</a>             }
<a class="jxr_linenumber" name="182" href="#182">182</a>         } <strong class="jxr_keyword">catch</strong> (Exception e) {
<a class="jxr_linenumber" name="183" href="#183">183</a>             <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> SSLException(<span class="jxr_string">"failed to initialize the server-side SSL context"</span>, e);
<a class="jxr_linenumber" name="184" href="#184">184</a>         }
<a class="jxr_linenumber" name="185" href="#185">185</a>     }
<a class="jxr_linenumber" name="186" href="#186">186</a> 
<a class="jxr_linenumber" name="187" href="#187">187</a>     @Override
<a class="jxr_linenumber" name="188" href="#188">188</a>     <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isClient() {
<a class="jxr_linenumber" name="189" href="#189">189</a>         <strong class="jxr_keyword">return</strong> false;
<a class="jxr_linenumber" name="190" href="#190">190</a>     }
<a class="jxr_linenumber" name="191" href="#191">191</a> 
<a class="jxr_linenumber" name="192" href="#192">192</a>     @Override
<a class="jxr_linenumber" name="193" href="#193">193</a>     <strong class="jxr_keyword">public</strong> List&lt;String&gt; nextProtocols() {
<a class="jxr_linenumber" name="194" href="#194">194</a>         <strong class="jxr_keyword">return</strong> nextProtocols;
<a class="jxr_linenumber" name="195" href="#195">195</a>     }
<a class="jxr_linenumber" name="196" href="#196">196</a> 
<a class="jxr_linenumber" name="197" href="#197">197</a>     @Override
<a class="jxr_linenumber" name="198" href="#198">198</a>     <strong class="jxr_keyword">public</strong> SSLContext context() {
<a class="jxr_linenumber" name="199" href="#199">199</a>         <strong class="jxr_keyword">return</strong> ctx;
<a class="jxr_linenumber" name="200" href="#200">200</a>     }
<a class="jxr_linenumber" name="201" href="#201">201</a> 
<a class="jxr_linenumber" name="202" href="#202">202</a>     <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="203" href="#203">203</a> <em class="jxr_javadoccomment">     * Generates a key specification for an (encrypted) private key.</em>
<a class="jxr_linenumber" name="204" href="#204">204</a> <em class="jxr_javadoccomment">     *</em>
<a class="jxr_linenumber" name="205" href="#205">205</a> <em class="jxr_javadoccomment">     * @param password characters, if {@code null} or empty an unencrypted key is assumed</em>
<a class="jxr_linenumber" name="206" href="#206">206</a> <em class="jxr_javadoccomment">     * @param key bytes of the DER encoded private key</em>
<a class="jxr_linenumber" name="207" href="#207">207</a> <em class="jxr_javadoccomment">     *</em>
<a class="jxr_linenumber" name="208" href="#208">208</a> <em class="jxr_javadoccomment">     * @return a key specification</em>
<a class="jxr_linenumber" name="209" href="#209">209</a> <em class="jxr_javadoccomment">     *</em>
<a class="jxr_linenumber" name="210" href="#210">210</a> <em class="jxr_javadoccomment">     * @throws IOException if parsing {@code key} fails</em>
<a class="jxr_linenumber" name="211" href="#211">211</a> <em class="jxr_javadoccomment">     * @throws NoSuchAlgorithmException if the algorithm used to encrypt {@code key} is unkown</em>
<a class="jxr_linenumber" name="212" href="#212">212</a> <em class="jxr_javadoccomment">     * @throws NoSuchPaddingException if the padding scheme specified in the decryption algorithm is unkown</em>
<a class="jxr_linenumber" name="213" href="#213">213</a> <em class="jxr_javadoccomment">     * @throws InvalidKeySpecException if the decryption key based on {@code password} cannot be generated</em>
<a class="jxr_linenumber" name="214" href="#214">214</a> <em class="jxr_javadoccomment">     * @throws InvalidKeyException if the decryption key based on {@code password} cannot be used to decrypt {@code</em>
<a class="jxr_linenumber" name="215" href="#215">215</a> <em class="jxr_javadoccomment">     * key}</em>
<a class="jxr_linenumber" name="216" href="#216">216</a> <em class="jxr_javadoccomment">     * @throws InvalidAlgorithmParameterException if decryption algorithm parameters are somehow faulty</em>
<a class="jxr_linenumber" name="217" href="#217">217</a> <em class="jxr_javadoccomment">     */</em>
<a class="jxr_linenumber" name="218" href="#218">218</a>     <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">static</strong> PKCS8EncodedKeySpec generateKeySpec(<strong class="jxr_keyword">char</strong>[] password, byte[] key)
<a class="jxr_linenumber" name="219" href="#219">219</a>             <strong class="jxr_keyword">throws</strong> IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
<a class="jxr_linenumber" name="220" href="#220">220</a>                    InvalidKeyException, InvalidAlgorithmParameterException {
<a class="jxr_linenumber" name="221" href="#221">221</a> 
<a class="jxr_linenumber" name="222" href="#222">222</a>         <strong class="jxr_keyword">if</strong> (password == <strong class="jxr_keyword">null</strong> || password.length == 0) {
<a class="jxr_linenumber" name="223" href="#223">223</a>             <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">new</strong> PKCS8EncodedKeySpec(key);
<a class="jxr_linenumber" name="224" href="#224">224</a>         }
<a class="jxr_linenumber" name="225" href="#225">225</a> 
<a class="jxr_linenumber" name="226" href="#226">226</a>         EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = <strong class="jxr_keyword">new</strong> EncryptedPrivateKeyInfo(key);
<a class="jxr_linenumber" name="227" href="#227">227</a>         SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName());
<a class="jxr_linenumber" name="228" href="#228">228</a>         PBEKeySpec pbeKeySpec = <strong class="jxr_keyword">new</strong> PBEKeySpec(password);
<a class="jxr_linenumber" name="229" href="#229">229</a>         SecretKey pbeKey = keyFactory.generateSecret(pbeKeySpec);
<a class="jxr_linenumber" name="230" href="#230">230</a> 
<a class="jxr_linenumber" name="231" href="#231">231</a>         Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
<a class="jxr_linenumber" name="232" href="#232">232</a>         cipher.init(Cipher.DECRYPT_MODE, pbeKey, encryptedPrivateKeyInfo.getAlgParameters());
<a class="jxr_linenumber" name="233" href="#233">233</a> 
<a class="jxr_linenumber" name="234" href="#234">234</a>         <strong class="jxr_keyword">return</strong> encryptedPrivateKeyInfo.getKeySpec(cipher);
<a class="jxr_linenumber" name="235" href="#235">235</a>     }
<a class="jxr_linenumber" name="236" href="#236">236</a> }
</pre>
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
</html>

